New features and enhancements in SNS version 4.8.13 LTSB

IPsec VPN - Certificates

Support reference 85930

In order to comply with the prescription "Other methods of generating unique numbers are also acceptable" in RFC 5280, SNS firewalls are now able to verify locally retrieved CRLs for certificates that are generated with SubjectKeyIdentifier and AuthorityKeyIdentifier.

Virtual IPsec interfaces (VTI)

In IPsec policies that are based on virtual IPsec interfaces, with any of the configurations listed below, a warning message now appears prompting the administrator to edit the configuration:

• Traffic selectors are networks instead of IP addresses,
• Remote and local traffic selectors are not in the same IP sub-network,
• Identical virtual interfaces are used in several rules in the filter policy.

Sandboxing

Support reference 86046

To prevent the saturation of processing queues, the firewall no longer sends the sandboxing infrastructure any e-mails without attachments, or any attachments in a format that is not supported by the sandboxing service.

CLI/Serverd command - SYSTEM PROPERTY

The CLI/Serverd command SYSTEM PROPERTY now provides the BIOS version with the BIOSRevision configuration token.

Privileges for access to private data

Now, when you connect to the firewall with an administrator account:

• Other than the 'admin' account,
• That has permissions to access private data,

And you access a module that contains private data, a pop-up will open, asking whether you wish to acquire privileges to access private data.